Closed BharathRedsecops closed 7 months ago
I have just re-deployed the latest version (today's commit) without issues. Please undeploy and deploy the latest version again and let me know if that worked.
Thank you working fine, can we generate accesskeys and username, password with api call instead of registering user from frontend
No, we want to enforce AWS Security Best Practices, therefore we are using IAM roles (assumed via the frontend application) instead of IAM users. As soon as a user has logged in, they can of course create IAM users with API access keys if needed.
Yeah got it, in case if we want to validate the activity done by user or if we need snapshot then..?
On 02-Jan-2024 3:00 pm, moellr @.***> wrote:
No, we want to enforce AWS Security Best Practices, therefore we are using IAM roles (assumed via the frontend application) instead of IAM users. As soon as a user has logged in, they can of course create IAM users with API access keys if needed.
— Reply to this email directly, view it on GitHubhttps://github.com/awslabs/sandbox-accounts-for-events/issues/49#issuecomment-1873785870, or unsubscribehttps://github.com/notifications/unsubscribe-auth/BBBAREIWQKIAD4ALP3IOJ3TYMPHUJAVCNFSM6AAAAABBGJJHESVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTQNZTG44DKOBXGA. You are receiving this because you authored the thread.Message ID: @.***>
If you need to validate anything in their account, you as operator can always into any account from the lease list (login icon in the right table column). If you need to grab an EBS snapshot, you could share it with your target account (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-modifying-snapshot-permissions.html) and create a copy of it(https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-copy-snapshot.html), so is not destroyed when the source account is nuked.
Thank you, my idea is to prepare something like https://www.whizlabs.com/aws-sandbox/